While efforts at achieving a secure information environment tend to focus on the necessary technology to prevent breaches, the single biggest cause of incidents has less to do with technology and more to do with the actions (or lack of actions) of individuals.
It is therefore in your staff that the real key to a more secure organisation lies – and the figures to confirm that are readily available: in the 2016 Cyber Security Intelligence Index, IBM found that 60 percent of all attacks were carried out by insiders.
Surprisingly, three-quarters of these Cyber Security incidents occurred through malicious intent, while the rest were oversights or errors.
And, while this research found that that healthcare, manufacturing, and financial services are the most commonly attacked organisations, no business is immune from the possibility of attack and what every company, regardless of vertical market, has in common is people. That means the threat posed by insiders is one shared by all businesses.
What makes insider threats particularly difficult to manage is the fact that people working in your company are trusted (or you wouldn’t have hired them). That makes detection difficult. When the insider is operating wilfully, they work to cover their tracks and can frustrate any effort to investigate.
At the same time, it is necessary for security policies to enable people to get their work done – a restrictive one will get in the way of productivity.
That doesn’t mean it is impossible to manage insider risks. Analytics and artificial intelligence are being introduced to help spot potential insider threats. That must combine with a focus on the right factors to ensure an appropriate posture is taken. Those factors are:
- Protect the right assets. Identify the information assets which are likely to be valuable to an attacker and protect those accordingly.
- Leverage analytics. We’re creatures of habit and that means analytic technology can spot the exceptions to usual behaviour to pinpoint indications that systems have been compromised.
- Know your employees. Some workers will be more likely to present a potential risk than others owing to their job type (like IT administrators). Know who they are and take the appropriate precautions.
- Start with the basics. A substantial proportion of successful hacks occur because the absolutely fundamentals have been ignored. Think of the basics as a foundation – without it, nothing can be built on top. The basics include always updating software, strong password standards and policies, user education about security risks and security software which is always up to date.
Big security hacks regularly make the news, often with stories about high profile hacking groups. However, as IBM has shown, the chances of that happening to your organisation is lower than a staff member making a crucial mistake or going rogue. A focus on your people is an essential component for a rigorous security posture which will help keep your company safe.